Vulnerability Reportpython:3.14.5-alpine3.22

python:3.14.5-alpine3.22
DIGESTsha256:6b91e66ab2a880ce9ca5a1b91c70f45963ff71ff68268df056336e1a657d5efd

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This base/runtime image is a clean foundation for building production images. Although it contains 10 exposed and 21 post-exploit vulnerabilities, all are low severity (max 5.35 exposed, max 2.92 post-exploit) and no high-severity issues are present. The image is official, trusted, and pinned by digest, ensuring integrity. The low severity of these vulnerabilities means they pose minimal practical risk in typical deployment scenarios. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

31 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-34181MEDIUM5.35
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45447LOW2.92
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.5.6-r0
fixed in 3.5.7-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-8643LOW2.8
pip
26.1.1
fixed in 26.1.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-42764LOW1.81
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-42769LOW1.81
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW1.81
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW1.81
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42764LOW1.81
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-42769LOW1.81
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW1.81
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW1.81
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW1.62
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW1.62
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW1.62
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW1.62
libssl3
3.5.6-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit

Want to check another image? Run a full scan with the Docker Security Scanner.